OpenClaw Gets Rug-Pulled by Imagination: Scammers Dangle Fake $5K $CLAW Airdrop

OpenClaw's rocket-ship trajectory has, predictably, drawn the sector's most creative grifters. Security sleuths at OX published a Wednesday exposé detailing a live phishing operation that's using the AI-agent framework's hype as a direct line to drain devs' wallets. Because why build when you can just steal?

The scam is a classic, with a GitHub twist. Bad actors spin up disposable GitHub accounts, pop into repos they control, and open issue threads that tag a hit-list of developers. The bait reads like a degen's dream: “Appreciate your contributions on GitHub. We analyzed profiles and chose developers to get OpenClaw allocation,” promising a juicy $5,000 in $CLAW tokens. The link leads to a polished knock-off of openclaw.ai, featuring that siren song of a "Connect your wallet" button—the digital equivalent of a bear trap with glitter on it.

The nasty stuff is hidden in an obfuscated JavaScript file named, with zero irony, "eleven.js". Inside, researchers found a built-in "nuke" function designed to scorch-earth all wallet-stealing data from local storage, leaving forensic investigators staring at digital ashes. This script meticulously logs user actions and ships encoded wallet intel—address, transaction value, name—off to a command-and-control server. One linked wallet, 0x6981E9EA7023a8407E4B08ad97f186A5CBDaFCf5, was born last week and vanished hours later; it's still sitting empty, likely waiting for its first sucker.

The targeting is frighteningly precise. These scammers aren't spraying and praying; they're using GitHub's star feature as a degen directory, scraping users who've starred OpenClaw repos. If you starred it, you're on the list. For now, OX Security has only pinpointed one threat-actor address and, mercifully, zero confirmed bag-holders.

This timing isn't accidental; it's predatory. OpenClaw's star count blasted from ~147k to 180k in weeks, and post the OpenAI acquisition chatter, it reportedly mooned to 323k. Sam Altman's announcement that OpenClaw creator Peter Steinberger would lead OpenAI's personal-AI-agent charge was basically a giant "PHISH ME" sign for the project's dev community. Steinberger himself has lamented that crypto spam now floods OpenClaw's Discord "every half hour," which is a faster release schedule than most Layer 2s.

OX Security's prescription for survival is straightforward: block the domains token‑claw.xyz and watery‑compost.today everywhere, never connect a wallet to a site you didn't triple-check, revoke any sketchy approvals immediately, and treat GitHub issues promising free tokens from randos like the malicious spam they are.

The moral of the story? Even the most blazingly hot open-source AI project can become a phishing paradise if you let your guard down and click before you think. In crypto, the only true airdrop is often a rain of consequences.